import pymysql
from hashlib import sha1
from settings import dbParmas
conn = pymysql.Connect(**dbParmas)
cursor = conn.cursor()
#输入用户名密码
username = input('输入名字')
password = input('输入密码')
password = sha1(password.encode('utf8')).hexdigest()#字节流字符串
print(username, password)
# username = pymysql.escape_string(username)#防止注入
sql = "select name from user where name=%s and password=%s"
#execute 第一个参数sql语句,第二个为包含的参数,可以为列表或者元祖
result = cursor.execute(sql,[username, password])#第二种防止注入攻击的
if result>0:
    print('成功')
else:
    print('失败')
cursor.close()
conn.close()